package com.ruoyi.framework.security;

import com.alibaba.fastjson2.annotation.JSONField;
import com.ruoyi.project.system.domain.SysUser;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/**
 * 登录用户身份权限
 *
 * @author ruoyi
 */
@Data
public class LoginUser implements UserDetails {
    private static final long serialVersionUID = 1L;

    // 用户ID
    private Long userId;
    // 部门ID
    private Long deptId;
    // 用户唯一标识
    private String token;
    // 登录时间
    private Long loginTime;
    // 过期时间
    private Long expireTime;
    // 登录IP地址
    private String ipaddr;
    // 登录地点
    private String loginLocation;
    // 浏览器类型
    private String browser;
    // 操作系统
    private String os;
    // 权限列表
    private Set<String> permissions;
    // 用户信息
    private SysUser user;
    // CAS用户信息
    private Map<String, Object> attributes;

    public LoginUser() {

    }

    public LoginUser(SysUser user, Set<String> permissions) {
        this.user = user;
        this.permissions = permissions;
    }

    public LoginUser(Long userId, Long deptId, SysUser user, Set<String> permissions) {
        this.userId = userId;
        this.deptId = deptId;
        this.user = user;
        this.permissions = permissions;
    }

    public LoginUser(Long userId, Long deptId, SysUser user, Set<String> permissions, Map<String, Object> attributes) {
        this.userId = userId;
        this.deptId = deptId;
        this.user = user;
        this.permissions = permissions;
        this.attributes = attributes;
    }

    @JSONField(serialize = false)
    @Override
    public String getPassword() {
        return user.getPassword();
    }

    @Override
    public String getUsername() {
        return user.getUserName();
    }

    /**
     * 账户是否未过期，过期无法验证。
     *
     * @return 结果
     */
    @JSONField(serialize = false)
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /**
     * 指定用户是否解锁，锁定的用户无法进行身份验证。
     *
     * @return 结果
     */
    @JSONField(serialize = false)
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /**
     * 指示是否已过期的用户的凭据(密码)，过期的凭据防止认证。
     *
     * @return 结果
     */
    @JSONField(serialize = false)
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /**
     * 是否可用，禁用的用户不能身份验证。
     *
     * @return 结果
     */
    @JSONField(serialize = false)
    @Override
    public boolean isEnabled() {
        return true;
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return new HashSet<>();
    }
}
